105 lines
3.8 KiB
PHP
105 lines
3.8 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
require_once 'vendor/autoload.php';
|
|
require_once 'includes/api_keys.php';
|
|
|
|
if (!isset($_GET['session_id'])) {
|
|
header("Location: index.php");
|
|
exit();
|
|
}
|
|
|
|
$stripe_session_id = $_GET['session_id'];
|
|
$pdo = db();
|
|
$session_id = session_id();
|
|
|
|
\Stripe\Stripe::setApiKey($stripeSecretKey);
|
|
|
|
try {
|
|
$checkout_session = \Stripe\Checkout\Session::retrieve($stripe_session_id);
|
|
$metadata = $checkout_session->metadata;
|
|
$user_id = $metadata->user_id ?? null;
|
|
$is_guest = !$user_id;
|
|
|
|
if ($checkout_session->payment_status == 'paid') {
|
|
$delivery_address = null;
|
|
$phone_number = null;
|
|
$guest_name = null;
|
|
$guest_email = null;
|
|
$guest_token = null;
|
|
|
|
if ($is_guest) {
|
|
$guest_name = $metadata->guest_name ?? '';
|
|
$guest_email = $metadata->guest_email ?? '';
|
|
$delivery_address = $metadata->guest_address ?? 'N/A';
|
|
$phone_number = $metadata->guest_phone ?? 'N/A';
|
|
$cart_identifier = $session_id;
|
|
$cart_column = 'session_id';
|
|
$guest_token = $metadata->token ?? null; // Use token from metadata
|
|
} else {
|
|
$stmt = $pdo->prepare("SELECT address, phone FROM users WHERE id = ?");
|
|
$stmt->execute([$user_id]);
|
|
$user = $stmt->fetch();
|
|
$delivery_address = $user ? $user['address'] : 'N/A';
|
|
$phone_number = $user ? $user['phone'] : 'N/A';
|
|
$cart_identifier = $user_id;
|
|
$cart_column = 'user_id';
|
|
}
|
|
|
|
// Fetch cart items
|
|
$stmt = $pdo->prepare("SELECT c.*, mi.price, mi.restaurant_id FROM cart c JOIN menu_items mi ON c.menu_item_id = mi.id WHERE c.$cart_column = ?");
|
|
$stmt->execute([$cart_identifier]);
|
|
$cart_items = $stmt->fetchAll();
|
|
|
|
if (empty($cart_items)) {
|
|
header("Location: index.php");
|
|
exit();
|
|
}
|
|
|
|
$total_price = $_SESSION['total_price'] ?? 0;
|
|
$discount_amount = $_SESSION['discount_amount'] ?? 0;
|
|
$coupon_id = $metadata->coupon_id ?? null;
|
|
$restaurant_id = $cart_items[0]['restaurant_id']; // Assuming order from one restaurant
|
|
|
|
// Create order
|
|
$stmt = $pdo->prepare("INSERT INTO orders (user_id, restaurant_id, total_price, status, stripe_session_id, delivery_address, phone_number, coupon_id, discount_amount, guest_name, guest_email, token) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
|
$stmt->execute([$user_id, $restaurant_id, $total_price, 'paid', $stripe_session_id, $delivery_address, $phone_number, $coupon_id, $discount_amount, $guest_name, $guest_email, $guest_token]);
|
|
$order_id = $pdo->lastInsertId();
|
|
|
|
// Insert order items
|
|
$stmt = $pdo->prepare("INSERT INTO order_items (order_id, menu_item_id, quantity, price) VALUES (?, ?, ?, ?)");
|
|
foreach ($cart_items as $item) {
|
|
$stmt->execute([$order_id, $item['menu_item_id'], $item['quantity'], $item['price']]);
|
|
}
|
|
|
|
// Clear cart
|
|
$stmt = $pdo->prepare("DELETE FROM cart WHERE $cart_column = ?");
|
|
$stmt->execute([$cart_identifier]);
|
|
|
|
// Clear coupon session variables
|
|
unset($_SESSION['coupon_id']);
|
|
unset($_SESSION['coupon_code']);
|
|
unset($_SESSION['discount_percentage']);
|
|
unset($_SESSION['total_price']);
|
|
unset($_SESSION['discount_amount']);
|
|
unset($_SESSION['subtotal']);
|
|
|
|
$_SESSION['order_id'] = $order_id;
|
|
if ($is_guest) {
|
|
$_SESSION['token'] = $guest_token;
|
|
}
|
|
|
|
header("Location: order_confirmation.php");
|
|
exit();
|
|
|
|
} else {
|
|
header("Location: payment-cancel.php");
|
|
exit();
|
|
}
|
|
} catch (\Stripe\Exception\ApiErrorException $e) {
|
|
// Handle Stripe API errors
|
|
error_log($e->getMessage());
|
|
header("Location: payment-cancel.php");
|
|
exit();
|
|
}
|